Dreamweaver by default creates and uploads a script to test remote database connectivity (mmhttpdb.asp) to the database-driven Web site being tested. If left on the server, the script can let a potential attacker access to the back-end database server without supplying a user ID and password.